-
Bug
-
Resolution: Won't Do
-
Normal
-
None
-
rhel-10.0.beta
-
None
-
No
-
Low
-
1
-
rhel-sst-security-crypto
-
ssg_security
-
None
-
False
-
-
None
-
Crypto24Q4
-
None
-
None
-
-
All
-
None
What were you trying to do that didn't work?
When running an OpenSSL server with ALPN enabled there are memory leaks from the server.
Valgrind report:
==148076== Memcheck, a memory error detector ==148076== Copyright (C) 2002-2024, and GNU GPL'd, by Julian Seward et al. ==148076== Using Valgrind-3.23.0 and LibVEX; rerun with -h for copyright info ==148076== Command: /openssl/BUILD/openssl-3.2.2//apps/openssl s_server -cert server/cert.pem -key server/key.pem -accept 4433 -www -client_renegotiation -cipher PROFILE=SYSTEM:SHA1:SHA256 -alpn http/1.1 -client_renegotiation -cipher PROFILE=SYSTEM:SHA1:SHA256 -legacy_renegotiation ==148076== Parent PID: 94823 ==148076== ==148076== ==148076== Process terminating with default action of signal 15 (SIGTERM) ==148076== at 0x4E85BD0: accept (in /usr/lib64/libc.so.6) ==148076== by 0x4A1A00B: BIO_accept_ex (bio_sock2.c:424) ==148076== by 0x166C07: UnknownInlinedFun (s_socket.c:415) ==148076== by 0x166C07: s_server_main (s_server.c:2319) ==148076== by 0x14A4D3: do_cmd (openssl.c:426) ==148076== by 0x12B713: main (openssl.c:307) ==148076== ==148076== HEAP SUMMARY: ==148076== in use at exit: 494,040 bytes in 8,781 blocks ==148076== total heap usage: 49,101 allocs, 40,320 frees, 9,915,046 bytes allocated ==148076== ==148076== 2,304 bytes in 1 blocks are possibly lost in loss record 1,334 of 1,373 ==148076== at 0x488548C: malloc (vg_replace_malloc.c:446) ==148076== by 0x400439F: UnknownInlinedFun (rtld-malloc.h:56) ==148076== by 0x400439F: _dlfo_mappings_segment_allocate (dl-find_object.c:217) ==148076== by 0x400439F: _dl_find_object_update_1 (dl-find_object.c:671) ==148076== by 0x400439F: _dl_find_object_update (dl-find_object.c:805) ==148076== by 0x400BA9B: dl_open_worker_begin (dl-open.c:756) ==148076== by 0x4001343: _dl_catch_exception (dl-catch.c:237) ==148076== by 0x400AE2F: dl_open_worker (dl-open.c:803) ==148076== by 0x4001343: _dl_catch_exception (dl-catch.c:237) ==148076== by 0x400B2BB: _dl_open (dl-open.c:905) ==148076== by 0x4E15B47: dlopen_doit (in /usr/lib64/libc.so.6) ==148076== by 0x4001343: _dl_catch_exception (dl-catch.c:237) ==148076== by 0x400146F: _dl_catch_error (dl-catch.c:256) ==148076== by 0x4E1555F: _dlerror_run (in /usr/lib64/libc.so.6) ==148076== by 0x4E15C3F: dlopen@@GLIBC_2.34 (in /usr/lib64/libc.so.6) ==148076== ==148076== LEAK SUMMARY: ==148076== definitely lost: 0 bytes in 0 blocks ==148076== indirectly lost: 0 bytes in 0 blocks ==148076== possibly lost: 2,304 bytes in 1 blocks ==148076== still reachable: 491,736 bytes in 8,780 blocks ==148076== suppressed: 0 bytes in 0 blocks ==148076== Reachable blocks (those to which a pointer was found) are not shown. ==148076== To see them, rerun with: --leak-check=full --show-leak-kinds=all ==148076== ==148076== For lists of detected and suppressed errors, rerun with: -s ==148076== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
What is the impact of this issue to you?
very low
Please provide the package NVR for which the bug is seen:
openssl-3.2.2-12.el10
How reproducible is this bug?:
always
Steps to reproduce
- run openssl server under valgrid: "valgrind --leak-check=full --free-fill=0 --log-file=valgrind.log --error-exitcode=11 openssl s_server -cert cert.pem -key key.pem -www -client_renegotiation -alpn 'http/1.1'-client_renegotiation -legacy_renegotiation"
- run tlsfuzzer/scripts/test-alpn-negotiation.py against the server
- read valgrind.log file
Expected results
No memory leaks are present
Actual results
There are memory leaks